header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

phpBB 2.0.4 Remote Admin_Styles.PHP Theme_Info.CFG File Include

This exploit allows an attacker to include arbitrary files on a vulnerable phpBB 2.0.4 installation. By manipulating the 'sfile' variable, an attacker can execute malicious code on the server. The vulnerability was discovered in June 2003 by Spoofed Existence.

AROX School-ERP Pro Unauthenticated Remote Code Execution

This module exploits a command execution vulnerability in AROX School-ERP. 'import_stud.php' and 'upload_fille.php' do not have session control. Session start/check functions in Line 8,9,10 are disabled with slashes. Therefore an unathenticated user can execute the command on the system.

Aida64 6.00.5100 ‘Log to CSV File’ Local SEH Buffer Overflow Exploit

This exploit takes advantage of a buffer overflow vulnerability in Aida64 version 6.00.5100. By pasting specific content into the 'Log Sensor Reading to CSV log File' field in the application, an attacker can trigger a SEH buffer overflow.

Pronestor Service PNHM Local Privilege Escalation

The Pronestor service PNHM before 8.1.12.0 has insecure permissions for the PronestorHealthMonitor.exe file, allowing local users to gain privileges by executing a Trojan horse PronestorHealthMonitor.exe file. The vulnerability is due to the weak file permissions set during the installation of Pronestors Outlook-Add-In, which creates the PNHM service running as SYSTEM and allows all Authenticated Users to potentially execute arbitrary code as SYSTEM on the local system.

UliCMS 2019.1 “Spitting Lama” – Stored Cross-Site Scripting

This vulnerability is in the authentication state and is located in the CMS management panel. There are two vulnerabilities: Vuln One and Vuln Two. Vuln One is in the URI POST /ulicms/admin/index.php?action=languages with parameter name. Vuln Two is in the URI POST /ulicms/admin/index.php?action=pages_edit&page=23 with parameter systemname.

CVE-2019-0841 BYPASS #2

This exploit allows an attacker to bypass CVE-2019-0841 by deleting files and subfolders within a specific directory, causing Microsoft Edge to crash and then write the DACL while impersonating the SYSTEM. The bug is not restricted to Edge and can potentially be triggered with other packages as well. The bug can be triggered silently without Edge popping up, by launching Edge once and then minimizing or closing it. The exploit can be executed programmatically, using methods like sendinput.

MWOpen E-Commerce All Versions “leggi_commenti.asp” SQL Injection

The vulnerability allows an attacker to execute arbitrary SQL commands on the target system by injecting malicious SQL code into the 'id' parameter of the 'leggi_commenti.asp' page. By exploiting this vulnerability, an attacker can retrieve sensitive information from the database, such as passwords.

IBM Websphere Application Server Network Deployment Untrusted Data Deserialization Remote Code Execution

This module exploits untrusted serialized data processed by the WAS DMGR Server and Cells. NOTE: There is a required 2 minute timeout between attempts as the neighbor being added must be reset.

Vulnerability in WasmMemoryObject Grow function

When `Grow` is called on a `WebAssembly.Memory` object that's backed by a `SharedArrayBuffer`, it uses the buffer's backing store pointer to construct a new array buffer[1]. Calling `Detach` on shared buffers is prohibited by the spec, so the method just leaves the old one as it is. Thus two array buffers mi

Recent Exploits: